{"notices":[{"id":"USN-8044-2","title":"alsa-lib vulnerability","summary":"alsa-lib could be made to crash or run programs if it opened a specially\ncrafted file.","instructions":"In general, a standard system update will make all the necessary changes.","references":[],"published":"2026-06-09T09:23:55.788706","description":"USN-8044-1 fixed a vulnerability in alsa-lib. This update provides the\ncorresponding fix for alsa-lib on Ubuntu 20.04 LTS.\n\nOriginal advisory details:\n\n It was discovered that alsa-lib incorrectly handled the topology mixer\n control decoder. A local attacker could use a specially crafted topology\n file to cause alsa-lib to crash, resulting in a denial of service, or\n possibly execute arbitrary code.","is_hidden":false,"release_packages":{"focal":[{"name":"alsa-lib","version":"1.2.2-2.1ubuntu2.5+esm1","description":"shared library for ALSA applications","is_source":true},{"name":"libasound2","version":"1.2.2-2.1ubuntu2.5+esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/alsa-lib","version_link":null,"pocket":"esm-infra"}]},"type":"USN","cves":[{"id":"CVE-2026-25068","notices_ids":["USN-8044-1","USN-8044-2"]}],"cves_ids":["CVE-2026-25068"],"releases":[{"codename":"focal","version":"20.04","support_tag":"ESM"}],"related_notices":["USN-8044-1"]},{"id":"USN-8410-1","title":"shell-quote vulnerability","summary":"shell-quote could be made to crash or run programs as your login if it\nreceived specially crafted input.","instructions":"In general, a standard system update will make all the necessary changes.","references":[],"published":"2026-06-09T08:38:23.785593","description":"Akshat Sinha discovered that shell-quote improperly validated object-token\ninputs. An attacker could possibly use this issue to cause shell-quote to\ncrash, resulting in a denial of service, or execute arbitrary code.","is_hidden":false,"release_packages":{"bionic":[{"name":"node-shell-quote","version":"1.6.1+20160617-git72fb5a8ce29b-1ubuntu0.1~esm1","description":"Parse and quote shell commands","is_source":true},{"name":"node-shell-quote","version":"1.6.1+20160617-git72fb5a8ce29b-1ubuntu0.1~esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/node-shell-quote","version_link":null,"pocket":"esm-apps"}],"jammy":[{"name":"node-shell-quote","version":"1.7.3+~1.7.1-1ubuntu0.1~esm1","description":"Parse and quote shell commands","is_source":true},{"name":"node-shell-quote","version":"1.7.3+~1.7.1-1ubuntu0.1~esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/node-shell-quote","version_link":null,"pocket":"esm-apps"}],"noble":[{"name":"node-shell-quote","version":"1.7.4+~1.7.1-1ubuntu0.24.04.1","description":"Parse and quote shell commands","is_source":true},{"name":"node-shell-quote","version":"1.7.4+~1.7.1-1ubuntu0.24.04.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/node-shell-quote","version_link":"https://launchpad.net/ubuntu/+source/node-shell-quote/1.7.4+~1.7.1-1ubuntu0.24.04.1","pocket":"security"}],"questing":[{"name":"node-shell-quote","version":"1.7.4+~1.7.1-1ubuntu0.25.10.1","description":"Parse and quote shell commands","is_source":true},{"name":"node-shell-quote","version":"1.7.4+~1.7.1-1ubuntu0.25.10.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/node-shell-quote","version_link":"https://launchpad.net/ubuntu/+source/node-shell-quote/1.7.4+~1.7.1-1ubuntu0.25.10.1","pocket":"security"}],"resolute":[{"name":"node-shell-quote","version":"1.8.3+~1.7.5-1ubuntu0.1~esm1","description":"Parse and quote shell commands","is_source":true},{"name":"node-shell-quote","version":"1.8.3+~1.7.5-1ubuntu0.1~esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/node-shell-quote","version_link":null,"pocket":"esm-apps"}]},"type":"USN","cves":[{"id":"CVE-2026-9277","notices_ids":["USN-8410-1"]}],"cves_ids":["CVE-2026-9277"],"releases":[{"codename":"resolute","version":"26.04","support_tag":"LTS"},{"codename":"questing","version":"25.10","support_tag":""},{"codename":"noble","version":"24.04","support_tag":"LTS"},{"codename":"jammy","version":"22.04","support_tag":"LTS"},{"codename":"bionic","version":"18.04","support_tag":"ESM"}],"related_notices":[]},{"id":"USN-8408-1","title":"Twig vulnerability","summary":"Twig could be made to run programs if it received specially crafted network\ntraffic from an authenticated user.","instructions":"In general, a standard system update will make all the necessary changes.","references":[],"published":"2026-06-08T19:36:58.037400","description":"It was discovered that Twig did not properly validate PHP callables when\nusing a source policy. An authenticated user could possibly use this issue\nto execute arbitrary code.","is_hidden":false,"release_packages":{"resolute":[{"name":"php-twig","version":"3.23.0-2ubuntu0.1~esm1","description":"Flexible, fast, and secure template engine for PHP","is_source":true},{"name":"php-twig","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-cache-extra","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-cssinliner-extra","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-doc","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-extra-bundle","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-html-extra","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-inky-extra","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-intl-extra","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-markdown-extra","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"},{"name":"php-twig-string-extra","version":"3.23.0-2ubuntu0.1~esm1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/php-twig","version_link":null,"pocket":"esm-apps"}]},"type":"USN","cves":[{"id":"CVE-2026-24425","notices_ids":["USN-8408-1"]}],"cves_ids":["CVE-2026-24425"],"releases":[{"codename":"resolute","version":"26.04","support_tag":"LTS"}],"related_notices":[]},{"id":"USN-8407-1","title":"strongSwan vulnerability","summary":"strongSwan could be made to crash or run programs if it received specially\ncrafted network traffic.","instructions":"In general, a standard system update will make all the necessary changes.","references":[],"published":"2026-06-08T17:28:38.144440","description":"Elliott Childre discovered that strongSwan incorrectly handled the cloning\nof certain identities. A remote attacker could use this issue to cause\nstrongSwan to crash, resulting in a denial of service, or possibly execute\narbitrary code.","is_hidden":false,"release_packages":{"jammy":[{"name":"strongswan","version":"5.9.5-2ubuntu2.7","description":"IPsec VPN solution","is_source":true},{"name":"charon-cmd","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"charon-systemd","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"libcharon-extauth-plugins","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"libcharon-extra-plugins","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"libstrongswan","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"libstrongswan-extra-plugins","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"libstrongswan-standard-plugins","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"strongswan","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"strongswan-charon","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"strongswan-libcharon","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"strongswan-nm","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"strongswan-pki","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"strongswan-scepclient","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"strongswan-starter","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"},{"name":"strongswan-swanctl","version":"5.9.5-2ubuntu2.7","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.7","pocket":"security"}],"noble":[{"name":"strongswan","version":"5.9.13-2ubuntu4.24.04.4","description":"IPsec VPN solution","is_source":true},{"name":"charon-cmd","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"charon-systemd","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"libcharon-extauth-plugins","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"libcharon-extra-plugins","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"libstrongswan","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"libstrongswan-extra-plugins","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"libstrongswan-standard-plugins","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"strongswan","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"strongswan-charon","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"strongswan-libcharon","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"strongswan-nm","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"strongswan-pki","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"strongswan-starter","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"},{"name":"strongswan-swanctl","version":"5.9.13-2ubuntu4.24.04.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/5.9.13-2ubuntu4.24.04.4","pocket":"security"}],"questing":[{"name":"strongswan","version":"6.0.1-6ubuntu4.4","description":"IPsec VPN solution","is_source":true},{"name":"charon-cmd","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"charon-systemd","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"libcharon-extauth-plugins","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"libcharon-extra-plugins","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"libstrongswan","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"libstrongswan-extra-plugins","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"libstrongswan-standard-plugins","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"strongswan","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"strongswan-charon","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"strongswan-libcharon","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"strongswan-nm","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"strongswan-pki","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"strongswan-starter","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"},{"name":"strongswan-swanctl","version":"6.0.1-6ubuntu4.4","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.1-6ubuntu4.4","pocket":"security"}],"resolute":[{"name":"strongswan","version":"6.0.4-1ubuntu3.1","description":"IPsec VPN solution","is_source":true},{"name":"charon-cmd","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"charon-systemd","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"libcharon-extauth-plugins","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"libcharon-extra-plugins","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"libstrongswan","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"libstrongswan-extra-plugins","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"libstrongswan-standard-plugins","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"strongswan","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"strongswan-charon","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"strongswan-libcharon","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"strongswan-nm","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"strongswan-pki","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"strongswan-starter","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"},{"name":"strongswan-swanctl","version":"6.0.4-1ubuntu3.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/strongswan","version_link":"https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu3.1","pocket":"security"}]},"type":"USN","cves":[{"id":"CVE-2026-47895","notices_ids":["USN-8407-1"]}],"cves_ids":["CVE-2026-47895"],"releases":[{"codename":"resolute","version":"26.04","support_tag":"LTS"},{"codename":"questing","version":"25.10","support_tag":""},{"codename":"noble","version":"24.04","support_tag":"LTS"},{"codename":"jammy","version":"22.04","support_tag":"LTS"}],"related_notices":[]},{"id":"USN-8349-2","title":"rsync regression","summary":"USN-8349-1 introduced regressions in rsync.","instructions":"After a standard system update you need to restart rsync daemons if\nconfigured to make all the necessary changes.","references":["https://launchpad.net/bugs/2155874"],"published":"2026-06-08T16:41:09.616646","description":"USN-8349-1 fixed vulnerabilities in rsync. The update introduced multiple\nregressions in rsync functionality. This update fixes the problem.\n\nOriginal advisory details:\n\n Calum Hutton discovered that rsync contained a heap-based out-of-bounds\n read when handling file transfers. A remote attacker with read access\n to an rsync server could possibly use this issue to cause a denial of\n service. (CVE-2025-10158)\n\n Batuhan Sancak, Damien Neil, and Michael Stapelberg discovered that\n rsync daemons configured without chroot protection were exposed to a\n race condition on parent path components. A local attacker with write\n access to a module could possibly use this issue to overwrite files,\n obtain sensitive information, or escalate privileges.\n (CVE-2026-29518)\n\n It was discovered that rsync did not properly validate a length value\n while sorting extended attributes. An attacker could possibly use this\n issue to cause a denial of service. (CVE-2026-41035)\n\n It was discovered that rsync performed reverse-DNS lookups after\n chrooting in some daemon configurations. A remote attacker could\n possibly use this issue to bypass hostname-based access controls and\n access network services. (CVE-2026-43617)\n\n Omar Elsayed discovered that rsync did not properly check for integer\n overflows while decoding compressed tokens. A remote attacker could\n possibly use this issue to obtain sensitive information.\n (CVE-2026-43618)\n\n Andrew Tridgell discovered that rsync did not fully fix a symlink race\n condition in path-based system calls for daemons configured without\n chroot protection. A local attacker could possibly use this issue to\n overwrite files, obtain sensitive information, or escalate privileges.\n (CVE-2026-43619)\n\n Pratham Gupta discovered that rsync did not properly validate an index\n while processing file lists. A remote attacker could possibly use this\n issue to cause rsync to crash, resulting in a denial of service.\n (CVE-2026-43620)\n\n Michal Ruprich discovered that rsync contained an off-by-one error\n while handling HTTP proxy responses. An attacker able to intercept network\n communications or a malicious proxy server could possibly use this issue to\n cause a denial of service. (CVE-2026-45232)","is_hidden":false,"release_packages":{"jammy":[{"name":"rsync","version":"3.2.7-0ubuntu0.22.04.7","description":"fast, versatile, remote (and local) file-copying tool","is_source":true},{"name":"rsync","version":"3.2.7-0ubuntu0.22.04.7","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/rsync","version_link":"https://launchpad.net/ubuntu/+source/rsync/3.2.7-0ubuntu0.22.04.7","pocket":"security"}],"noble":[{"name":"rsync","version":"3.2.7-1ubuntu1.5","description":"fast, versatile, remote (and local) file-copying tool","is_source":true},{"name":"rsync","version":"3.2.7-1ubuntu1.5","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/rsync","version_link":"https://launchpad.net/ubuntu/+source/rsync/3.2.7-1ubuntu1.5","pocket":"security"}],"questing":[{"name":"rsync","version":"3.4.1+ds1-5ubuntu1.3","description":"fast, versatile, remote (and local) file-copying tool","is_source":true},{"name":"rsync","version":"3.4.1+ds1-5ubuntu1.3","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/rsync","version_link":"https://launchpad.net/ubuntu/+source/rsync/3.4.1+ds1-5ubuntu1.3","pocket":"security"}],"resolute":[{"name":"rsync","version":"3.4.1+ds1-7ubuntu0.3","description":"fast, versatile, remote (and local) file-copying tool","is_source":true},{"name":"rsync","version":"3.4.1+ds1-7ubuntu0.3","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/rsync","version_link":"https://launchpad.net/ubuntu/+source/rsync/3.4.1+ds1-7ubuntu0.3","pocket":"security"}]},"type":"USN","cves":[],"cves_ids":[],"releases":[{"codename":"resolute","version":"26.04","support_tag":"LTS"},{"codename":"questing","version":"25.10","support_tag":""},{"codename":"noble","version":"24.04","support_tag":"LTS"},{"codename":"jammy","version":"22.04","support_tag":"LTS"}],"related_notices":[]},{"id":"USN-8406-1","title":"Net::CIDR::Lite vulnerabilities","summary":"Several security issues were fixed in Net::CIDR::Lite.","instructions":"In general, a standard system update will make all the necessary changes.","references":[],"published":"2026-06-08T16:06:45.030827","description":"Dave Rolsky discovered that Net::CIDR::Lite did not properly handle\nextraneous zero characters at the beginning of an IP address string. A\nremote attacker could possibly use this issue to bypass access controls\nthat are based on IP addresses. This issue only affected Ubuntu 16.04 LTS\nand Ubuntu 18.04 LTS. (CVE-2021-47154)\n\nIt was discovered that Net::CIDR::Lite did not properly validate the IPv6\ngroup count when handling uncompressed IPv6 addresses. A remote attacker\ncould possibly use this issue to bypass access controls. (CVE-2026-40198)\n\nIt was discovered that Net::CIDR::Lite mishandled IPv4 mapped IPv6\naddresses. A remote attacker could possibly use this issue to bypass access\ncontrols that are based on IP addresses. (CVE-2026-40199)","is_hidden":false,"release_packages":{"bionic":[{"name":"libnet-cidr-lite-perl","version":"0.21-1ubuntu0.18.04.1~esm1","description":"module for merging IPv4 or IPv6 CIDR address ranges","is_source":true},{"name":"libnet-cidr-lite-perl","version":"0.21-1ubuntu0.18.04.1~esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl","version_link":null,"pocket":"esm-infra"}],"focal":[{"name":"libnet-cidr-lite-perl","version":"0.21-2ubuntu0.1+esm1","description":"module for merging IPv4 or IPv6 CIDR address ranges","is_source":true},{"name":"libnet-cidr-lite-perl","version":"0.21-2ubuntu0.1+esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl","version_link":null,"pocket":"esm-infra"}],"jammy":[{"name":"libnet-cidr-lite-perl","version":"0.22-1ubuntu0.1","description":"module for merging IPv4 or IPv6 CIDR address ranges","is_source":true},{"name":"libnet-cidr-lite-perl","version":"0.22-1ubuntu0.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl","version_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl/0.22-1ubuntu0.1","pocket":"security"}],"noble":[{"name":"libnet-cidr-lite-perl","version":"0.22-2ubuntu0.24.04.1","description":"module for merging IPv4 or IPv6 CIDR address ranges","is_source":true},{"name":"libnet-cidr-lite-perl","version":"0.22-2ubuntu0.24.04.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl","version_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl/0.22-2ubuntu0.24.04.1","pocket":"security"}],"questing":[{"name":"libnet-cidr-lite-perl","version":"0.22-2ubuntu0.25.10.1","description":"module for merging IPv4 or IPv6 CIDR address ranges","is_source":true},{"name":"libnet-cidr-lite-perl","version":"0.22-2ubuntu0.25.10.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl","version_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl/0.22-2ubuntu0.25.10.1","pocket":"security"}],"resolute":[{"name":"libnet-cidr-lite-perl","version":"0.22-2ubuntu0.26.04.1","description":"module for merging IPv4 or IPv6 CIDR address ranges","is_source":true},{"name":"libnet-cidr-lite-perl","version":"0.22-2ubuntu0.26.04.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl","version_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl/0.22-2ubuntu0.26.04.1","pocket":"security"}],"xenial":[{"name":"libnet-cidr-lite-perl","version":"0.21-1ubuntu0.16.04.1~esm1","description":"module for merging IPv4 or IPv6 CIDR address ranges","is_source":true},{"name":"libnet-cidr-lite-perl","version":"0.21-1ubuntu0.16.04.1~esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/libnet-cidr-lite-perl","version_link":null,"pocket":"esm-apps-legacy"}]},"type":"USN","cves":[{"id":"CVE-2026-40198","notices_ids":["USN-8406-1"]},{"id":"CVE-2021-47154","notices_ids":["USN-6712-1","USN-8406-1"]},{"id":"CVE-2026-40199","notices_ids":["USN-8406-1"]}],"cves_ids":["CVE-2026-40198","CVE-2021-47154","CVE-2026-40199"],"releases":[{"codename":"resolute","version":"26.04","support_tag":"LTS"},{"codename":"questing","version":"25.10","support_tag":""},{"codename":"noble","version":"24.04","support_tag":"LTS"},{"codename":"jammy","version":"22.04","support_tag":"LTS"},{"codename":"focal","version":"20.04","support_tag":"ESM"},{"codename":"bionic","version":"18.04","support_tag":"ESM"},{"codename":"xenial","version":"16.04","support_tag":"ESM"}],"related_notices":["USN-6712-1"]},{"id":"USN-8405-1","title":"CUPS vulnerabilities","summary":"Several security issues were fixed in CUPS.","instructions":"In general, a standard system update will make all the necessary changes.","references":[],"published":"2026-06-08T15:51:32.119103","description":"Ariel Silver discovered that CUPS incorrectly handled username comparisons\nduring authorization checks. A local attacker could possibly use this issue\nto gain unauthorized access to restricted operations. (CVE-2026-27447)\n\nAsim Viladi Oglu Manizada discovered that CUPS incorrectly handled\nnotify-recipient-uri values in the RSS notifier. A remote attacker could\npossibly use this issue to overwrite lp-writable files and cause a denial\nof service. (CVE-2026-34978)\n\nJacob Newman discovered that CUPS incorrectly handled filter option strings\nwhen processing job attributes. An attacker could use this issue to cause\nCUPS to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2026-34979)\n\nAsim Viladi Oglu Manizada discovered that CUPS incorrectly handled\npage-border values in shared PostScript queues. A remote attacker could\npossibly use this issue to execute arbitrary code. (CVE-2026-34980)\n\nAsim Viladi Oglu Manizada discovered that CUPS incorrectly handled\nlocalhost authentication to attacker-controlled IPP services. A local\nattacker could possibly use this issue to overwrite arbitrary files\nand execute arbitrary code. (CVE-2026-34990)\n\nTomer Fichman discovered that CUPS incorrectly handled negative\njob-password-supported values. A local attacker could possibly use this\nissue to cause CUPS to crash, resulting in a denial of service.\n(CVE-2026-39314)\n\nTomer Fichman discovered that CUPS incorrectly handled temporary printer\ndeletion. An attacker could possibly use this issue to cause CUPS to crash,\nresulting in a denial of service, or to execute arbitrary code.\n(CVE-2026-39316)\n\nTomer Fichman discovered that CUPS incorrectly handled certain malformed\nSNMP responses. An attacker could possibly use this issue to obtain\nsensitive information. (CVE-2026-41079)","is_hidden":false,"release_packages":{"jammy":[{"name":"cups","version":"2.4.1op1-1ubuntu4.20","description":"Common UNIX Printing System(tm)","is_source":true},{"name":"cups","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"cups-bsd","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"cups-client","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"cups-common","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"cups-core-drivers","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"cups-daemon","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"cups-ipp-utils","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"cups-ppdc","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"cups-server-common","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"libcups2","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"libcups2-dev","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"libcupsimage2","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"},{"name":"libcupsimage2-dev","version":"2.4.1op1-1ubuntu4.20","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.1op1-1ubuntu4.20","pocket":"security"}],"noble":[{"name":"cups","version":"2.4.7-1.2ubuntu7.13","description":"Common UNIX Printing System(tm)","is_source":true},{"name":"cups","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"cups-bsd","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"cups-client","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"cups-common","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"cups-core-drivers","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"cups-daemon","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"cups-ipp-utils","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"cups-ppdc","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"cups-server-common","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"libcups2-dev","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"libcups2t64","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"libcupsimage2-dev","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"},{"name":"libcupsimage2t64","version":"2.4.7-1.2ubuntu7.13","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.7-1.2ubuntu7.13","pocket":"security"}],"questing":[{"name":"cups","version":"2.4.12-0ubuntu3.9","description":"Common UNIX Printing System(tm)","is_source":true},{"name":"cups","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"cups-bsd","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"cups-client","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"cups-common","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"cups-core-drivers","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"cups-daemon","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"cups-ipp-utils","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"cups-ppdc","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"cups-server-common","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"libcups2-dev","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"libcups2t64","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"libcupsimage2-dev","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"},{"name":"libcupsimage2t64","version":"2.4.12-0ubuntu3.9","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.12-0ubuntu3.9","pocket":"security"}],"resolute":[{"name":"cups","version":"2.4.16-1ubuntu1.2","description":"Common UNIX Printing System(tm)","is_source":true},{"name":"cups","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"cups-bsd","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"cups-client","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"cups-common","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"cups-core-drivers","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"cups-daemon","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"cups-ipp-utils","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"cups-ppdc","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"cups-server-common","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"libcups2-dev","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"libcups2t64","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"libcupsimage2-dev","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"},{"name":"libcupsimage2t64","version":"2.4.16-1ubuntu1.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/cups","version_link":"https://launchpad.net/ubuntu/+source/cups/2.4.16-1ubuntu1.2","pocket":"security"}]},"type":"USN","cves":[{"id":"CVE-2026-41079","notices_ids":["USN-8405-1"]},{"id":"CVE-2026-39314","notices_ids":["USN-8405-1"]},{"id":"CVE-2026-39316","notices_ids":["USN-8405-1"]},{"id":"CVE-2026-27447","notices_ids":["USN-8405-1"]},{"id":"CVE-2026-34979","notices_ids":["USN-8405-1"]},{"id":"CVE-2026-34978","notices_ids":["USN-8405-1"]},{"id":"CVE-2026-34980","notices_ids":["USN-8405-1"]},{"id":"CVE-2026-34990","notices_ids":["USN-8405-1"]}],"cves_ids":["CVE-2026-41079","CVE-2026-39314","CVE-2026-39316","CVE-2026-27447","CVE-2026-34979","CVE-2026-34978","CVE-2026-34980","CVE-2026-34990"],"releases":[{"codename":"resolute","version":"26.04","support_tag":"LTS"},{"codename":"questing","version":"25.10","support_tag":""},{"codename":"noble","version":"24.04","support_tag":"LTS"},{"codename":"jammy","version":"22.04","support_tag":"LTS"}],"related_notices":[]},{"id":"USN-8404-1","title":"Transmission vulnerability","summary":"Transmission could allow unintended actions if a user visited a malicious\nwebsite.","instructions":"In general, a standard system update will make all the necessary changes.","references":[],"published":"2026-06-08T15:15:55.277528","description":"It was discovered that Transmission had a clickjacking weakness in the\nbrowser-facing WebUI and RPC response paths. An attacker could possibly use\nthis issue to trick users into performing unintended actions.","is_hidden":false,"release_packages":{"jammy":[{"name":"transmission","version":"3.00-2ubuntu2.2","description":"lightweight BitTorrent client","is_source":true},{"name":"transmission","version":"3.00-2ubuntu2.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/3.00-2ubuntu2.2","pocket":"security"},{"name":"transmission-cli","version":"3.00-2ubuntu2.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/3.00-2ubuntu2.2","pocket":"security"},{"name":"transmission-common","version":"3.00-2ubuntu2.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/3.00-2ubuntu2.2","pocket":"security"},{"name":"transmission-daemon","version":"3.00-2ubuntu2.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/3.00-2ubuntu2.2","pocket":"security"},{"name":"transmission-gtk","version":"3.00-2ubuntu2.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/3.00-2ubuntu2.2","pocket":"security"},{"name":"transmission-qt","version":"3.00-2ubuntu2.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/3.00-2ubuntu2.2","pocket":"security"}],"noble":[{"name":"transmission","version":"4.0.5-1ubuntu0.1","description":"lightweight BitTorrent client","is_source":true},{"name":"transmission","version":"4.0.5-1ubuntu0.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.0.5-1ubuntu0.1","pocket":"security"},{"name":"transmission-cli","version":"4.0.5-1ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.0.5-1ubuntu0.1","pocket":"security"},{"name":"transmission-common","version":"4.0.5-1ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.0.5-1ubuntu0.1","pocket":"security"},{"name":"transmission-daemon","version":"4.0.5-1ubuntu0.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.0.5-1ubuntu0.1","pocket":"security"},{"name":"transmission-gtk","version":"4.0.5-1ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.0.5-1ubuntu0.1","pocket":"security"},{"name":"transmission-qt","version":"4.0.5-1ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.0.5-1ubuntu0.1","pocket":"security"}],"questing":[{"name":"transmission","version":"4.1.0~beta2+dfsg-3ubuntu1.1","description":"lightweight BitTorrent client","is_source":true},{"name":"libtransmission-dev","version":"4.1.0~beta2+dfsg-3ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.0~beta2+dfsg-3ubuntu1.1","pocket":"security"},{"name":"transmission","version":"4.1.0~beta2+dfsg-3ubuntu1.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.0~beta2+dfsg-3ubuntu1.1","pocket":"security"},{"name":"transmission-cli","version":"4.1.0~beta2+dfsg-3ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.0~beta2+dfsg-3ubuntu1.1","pocket":"security"},{"name":"transmission-common","version":"4.1.0~beta2+dfsg-3ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.0~beta2+dfsg-3ubuntu1.1","pocket":"security"},{"name":"transmission-daemon","version":"4.1.0~beta2+dfsg-3ubuntu1.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.0~beta2+dfsg-3ubuntu1.1","pocket":"security"},{"name":"transmission-gtk","version":"4.1.0~beta2+dfsg-3ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.0~beta2+dfsg-3ubuntu1.1","pocket":"security"},{"name":"transmission-qt","version":"4.1.0~beta2+dfsg-3ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.0~beta2+dfsg-3ubuntu1.1","pocket":"security"}],"resolute":[{"name":"transmission","version":"4.1.1+dfsg-1ubuntu1.1","description":"lightweight BitTorrent client","is_source":true},{"name":"libtransmission-dev","version":"4.1.1+dfsg-1ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.1+dfsg-1ubuntu1.1","pocket":"security"},{"name":"transmission","version":"4.1.1+dfsg-1ubuntu1.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.1+dfsg-1ubuntu1.1","pocket":"security"},{"name":"transmission-cli","version":"4.1.1+dfsg-1ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.1+dfsg-1ubuntu1.1","pocket":"security"},{"name":"transmission-common","version":"4.1.1+dfsg-1ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.1+dfsg-1ubuntu1.1","pocket":"security"},{"name":"transmission-daemon","version":"4.1.1+dfsg-1ubuntu1.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.1+dfsg-1ubuntu1.1","pocket":"security"},{"name":"transmission-gtk","version":"4.1.1+dfsg-1ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.1+dfsg-1ubuntu1.1","pocket":"security"},{"name":"transmission-qt","version":"4.1.1+dfsg-1ubuntu1.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/transmission","version_link":"https://launchpad.net/ubuntu/+source/transmission/4.1.1+dfsg-1ubuntu1.1","pocket":"security"}]},"type":"USN","cves":[{"id":"CVE-2026-38978","notices_ids":["USN-8404-1"]}],"cves_ids":["CVE-2026-38978"],"releases":[{"codename":"resolute","version":"26.04","support_tag":"LTS"},{"codename":"questing","version":"25.10","support_tag":""},{"codename":"noble","version":"24.04","support_tag":"LTS"},{"codename":"jammy","version":"22.04","support_tag":"LTS"}],"related_notices":[]},{"id":"USN-8403-1","title":"Kea DHCP vulnerability","summary":"Kea DHCP could be made to crash if it received specially crafted messages.","instructions":"After a standard system update you may need to restart Kea DHCP server\ninstances to make all the necessary changes.","references":[],"published":"2026-06-08T14:28:06.917299","description":"Ali Norouzi discovered that Kea DHCP did not properly handle maliciously\ncrafted messages over configured API sockets and HA listeners. A remote\nattacker could possibly use this issue to cause Kea DHCP to crash,\nresulting in a denial of service.","is_hidden":false,"release_packages":{"noble":[{"name":"isc-kea","version":"2.4.1-3ubuntu0.2","description":"Standards-based DHCP server","is_source":true},{"name":"kea","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"kea-admin","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"kea-common","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"kea-ctrl-agent","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"kea-dev","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"kea-dhcp-ddns-server","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"kea-dhcp4-server","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"kea-dhcp6-server","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"kea-doc","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"},{"name":"python3-kea-connector","version":"2.4.1-3ubuntu0.2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.4.1-3ubuntu0.2","pocket":"security"}],"questing":[{"name":"isc-kea","version":"2.6.3-2ubuntu0.1","description":"Standards-based DHCP server","is_source":true},{"name":"kea","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"kea-admin","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"kea-common","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"kea-ctrl-agent","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"kea-dev","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"kea-dhcp-ddns-server","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"kea-dhcp4-server","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"kea-dhcp6-server","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"kea-doc","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"},{"name":"python3-kea-connector","version":"2.6.3-2ubuntu0.1","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/isc-kea","version_link":"https://launchpad.net/ubuntu/+source/isc-kea/2.6.3-2ubuntu0.1","pocket":"security"}]},"type":"USN","cves":[{"id":"CVE-2026-3608","notices_ids":["USN-8403-1"]}],"cves_ids":["CVE-2026-3608"],"releases":[{"codename":"questing","version":"25.10","support_tag":""},{"codename":"noble","version":"24.04","support_tag":"LTS"}],"related_notices":[]},{"id":"USN-8401-1","title":"Netty vulnerabilities","summary":"Several security issues were fixed in Netty.","instructions":"In general, a standard system update will make all the necessary changes.","references":[],"published":"2026-06-08T13:38:28.313564","description":"It was discovered that Netty's HTTP proxy handler did not properly\nvalidate headers when constructing CONNECT requests. An\nattacker could possibly use this issue to inject arbitrary HTTP\nheaders into CONNECT requests. This issue only affected Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,\nand Ubuntu 26.04 LTS. (CVE-2026-42578)\n\nIt was discovered that Netty's DNS codec did not properly enforce\ndomain name constraints. An attacker could possibly use this issue to\nbypass domain name validation, or cause Netty to consume resources,\nleading to a denial of service. This issue only affected Ubuntu 20.04\nLTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS.\n(CVE-2026-42579)\n\nIt was discovered that Netty did not correctly handle HTTP/1.0\nrequests containing both a Transfer-Encoding and Content-Length\nheader. A remote attacker could possibly use this issue to perform\nHTTP request smuggling attacks. (CVE-2026-42581)\n\nVioleta Georgieva discovered that Netty incorrectly paired responses with\nrequests when handling informational HTTP responses. A remote attacker\ncould possibly use this issue to perform HTTP request smuggling attacks.\n(CVE-2026-42584)\n\nVioleta Georgieva discovered that Netty incorrectly parsed malformed\nTransfer-Encoding headers. A remote attacker could possibly use this\nissue to perform HTTP request smuggling attacks. (CVE-2026-42585)\n\nIt was discovered that Netty's Redis encoder did not validate CRLF\ncharacters. An attacker could possibly use this issue to inject arbitrary\nRedis commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS.\n(CVE-2026-42586)","is_hidden":false,"release_packages":{"bionic":[{"name":"netty","version":"1:4.1.7-4ubuntu0.1+esm6","description":"event-driven asynchronous network application framework","is_source":true},{"name":"libnetty-java","version":"1:4.1.7-4ubuntu0.1+esm6","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-apps"}],"focal":[{"name":"netty","version":"1:4.1.45-1ubuntu0.1~esm6","description":"event-driven asynchronous network application framework","is_source":true},{"name":"libnetty-java","version":"1:4.1.45-1ubuntu0.1~esm6","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-apps"}],"jammy":[{"name":"netty","version":"1:4.1.48-4+deb11u2ubuntu0.1+esm3","description":"event-driven asynchronous network application framework","is_source":true},{"name":"libnetty-java","version":"1:4.1.48-4+deb11u2ubuntu0.1+esm3","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-apps"}],"noble":[{"name":"netty","version":"1:4.1.48-9ubuntu0.1+esm3","description":"event-driven asynchronous network application framework","is_source":true},{"name":"libnetty-java","version":"1:4.1.48-9ubuntu0.1+esm3","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-apps"}],"resolute":[{"name":"netty","version":"1:4.1.48-16ubuntu0.1~esm2","description":"event-driven asynchronous network application framework","is_source":true},{"name":"libnetty-buffer-java","version":"1:4.1.48-16ubuntu0.1~esm2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-apps"},{"name":"libnetty-common-java","version":"1:4.1.48-16ubuntu0.1~esm2","is_source":false,"is_visible":false,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-apps"},{"name":"libnetty-java","version":"1:4.1.48-16ubuntu0.1~esm2","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-apps"}],"trusty":[{"name":"netty","version":"1:3.2.6.Final-2+deb8u2ubuntu0.1~esm1","description":"event-driven asynchronous network application framework","is_source":true},{"name":"libnetty-java","version":"1:3.2.6.Final-2+deb8u2ubuntu0.1~esm1","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-infra-legacy"}],"xenial":[{"name":"netty","version":"1:4.0.34-1ubuntu0.1~esm4","description":"event-driven asynchronous network application framework","is_source":true},{"name":"libnetty-java","version":"1:4.0.34-1ubuntu0.1~esm4","is_source":false,"is_visible":true,"source_link":"https://launchpad.net/ubuntu/+source/netty","version_link":null,"pocket":"esm-apps-legacy"}]},"type":"USN","cves":[{"id":"CVE-2026-42586","notices_ids":["USN-8401-1"]},{"id":"CVE-2026-42579","notices_ids":["USN-8401-1"]},{"id":"CVE-2026-42585","notices_ids":["USN-8401-1"]},{"id":"CVE-2026-42581","notices_ids":["USN-8401-1"]},{"id":"CVE-2026-42584","notices_ids":["USN-8401-1"]},{"id":"CVE-2026-42578","notices_ids":["USN-8401-1"]}],"cves_ids":["CVE-2026-42586","CVE-2026-42579","CVE-2026-42585","CVE-2026-42581","CVE-2026-42584","CVE-2026-42578"],"releases":[{"codename":"resolute","version":"26.04","support_tag":"LTS"},{"codename":"noble","version":"24.04","support_tag":"LTS"},{"codename":"jammy","version":"22.04","support_tag":"LTS"},{"codename":"focal","version":"20.04","support_tag":"ESM"},{"codename":"bionic","version":"18.04","support_tag":"ESM"},{"codename":"xenial","version":"16.04","support_tag":"ESM"},{"codename":"trusty","version":"14.04","support_tag":"ESM"}],"related_notices":[]}],"offset":0,"limit":10,"total_results":10783}